Before we head out to Las Vegas next week for our annual Knowledge event, we wanted to give you a look at what you may see if you visit the Risk demo stations, watch a keynote, stop by a roadmap session or what we know people will be chatting about on the show floor. For those of you not making the trip, we also wanted to share with you what is available today as our May Store Release is now available!
We have several enhancements to Now Assist for IRM that will help you and your team further leverage GenAI within your risk program.
Risk Assessment Summarization
Manual processing and summarization of risk assessments can be time-consuming, inaccurate and often lacks the contextual consistency needed for swift approvals. By employing AI-driven algorithms, Now Assist streamlines the risk assessment summarization process for increased consistency across teams.
This Now Assist for IRM skill automates risk assessment summaries to drive consistency and improve assessor efficiency. It extracts key insights to set context quickly for approvers, or it can also be used to generate and save summaries for past assessments in work notes to harmonize summaries within an organization for balanced and aligned risk decisions.
Both assessors and approvers will benefit from the Gen AI capabilities across various assessment states. It's important to note the specific roles required to utilize these features, which will further streamline the risk management processes.
Watch the Demo.
With Risk Assessment Summarization, you can:
- Automate risk assessment summaries to drive consistency and improve assessor efficiency
- Extract key insights to set context quickly for approvers
- Generate and save summaries for past assessments in work notes while preserving a snapshot of the assessor's input
Rationalization and Deduplication of Control Objectives
As regulatory requirements continue to evolve, your compliance team may find themselves overwhelmed by the sheer number of control objectives in your systems. Many of these objectives can be similar or even duplicates, which not only creates unnecessary complexity but also increases the risk of errors or omissions.
This is where control objective rationalization comes in. This component tackles the proliferation of control objectives brought about by evolving regulatory requirements. By leveraging AI technology, Now Assist identifies and eliminates duplicate control objectives, enhancing operational efficiency, enabling faster decision-making and reducing the likelihood of compliance errors. With this enhancement, your compliance team can streamline its processes, focus on high-priority objectives, and ensure adherence to regulatory mandates with greater ease.
Watch the Demo.
Rationalization and deduplication of control objectives helps you:
- Streamline processes by identifying and eliminating redundant control objectives, boosting the efficiency
- Highlight most relevant control objectives, with associated citations, policies etc. to drive faster decisions
- Simplify testing with a "test once, comply many" approach by defining a clear set of control objectives that align with regulatory standards
Regulatory Alert Summarization and Mapping
AI-driven regulatory alert summarization generates a summary of critical updates, important dates, and key changes from incoming regulatory alerts. This feature saves time and effort for compliance practitioners by providing actionable insights in a digestible format. Regulatory alert mapping offers recommendations using generative AI and advanced AI search to identify ideal citations and control objectives relevant to regulatory alerts for reduced time and increased accuracy.
Watch the Demo.
With Regulatory alert summarization and mapping, you can:
- Summarize regulatory information into business-relevant summaries, ensuring no critical information is missed
- Recommend control objectives to map to regulatory alerts for improved operationalization
- Improve compliance efficiency and accuracy, reduce risks and enhance operational agility
Optimize GRC Issue Resolution workflow
To further help unburden compliance teams, Now Assist for IRM also includes a workflow that leverages multiple AI agents to automate and standardize issue resolution. Organizations that struggle with inconsistent issue management, manual inefficiencies, and delays in remediation can now leverage these agents through the Optimize GRC Issue Resolution workflow to automate issue resolution, ensuring faster, standardized, and intelligent remediation. This agentic workflow helps teams systematize issue management by using agents to identify similar issues, and based on historical data, recommends actions and tasks for a comprehensive issue resolution plan.
Watch the Demo.
This AI-powered workflow drives faster, standardized issue remediation by helping you to:
- Identify similar past issues and generate a structured action plan
- Determine the most suitable remediation actions for inclusion in the plan and subsequent approval
- Expedite the issue management lifecycle and speed time to resolution
Also, within Integrated Risk Management, we have added an additional feature that customers have been asking for to help drive business agility while protecting your sensitive data.
Entity-based user access
Regulatory standards require organizations to implement tight access controls to safeguard sensitive data. As you know, these controls are essential to ensure that only authorized users can interact with specific information, protecting both valuable data and intellectual property from unauthorized access. ServiceNow’s Entity-based user access application allows organizations to enforce more granular access controls at the entity level, providing a secure framework for managing access to related records and reducing security risks. GRC administrators can use this tool to set up secure and controlled access to related records of entities.
Watch the Demo.
With entity-based user access, you can:
- Protect sensitive data and intellectual property from potential data leaks or unauthorized usage with access control at the entity level
- Leverage this framework for detailed access management of objects and records linked to an entity
- Meet regulatory compliance requirements while driving business agility by enabling more precise information access across the organization
Finally, we have also made some enhancements as we continue to support our Operational Resilience customers with a new reporting data model. This was added to help support customers with varied CMDB maturity levels gain value from Operational Resilience quickly and more easily meet the requirements of DORA and other regulations.
While that’s not all, we need to keep some excitement for our Knowledge event! Look for more to come out of Vegas next week as we spend time innovating with customers, partners and our team! We hope to see you there.
